Date: Wed, 23 Feb 2000 13:41:14 +0100 From: Martin Cracauer <cracauer@cons.org> To: Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE> Cc: Martin Cracauer <cracauer@cons.org>, hackers@FreeBSD.ORG Subject: Re: FreeBSD as high speed router Message-ID: <20000223134113.A5723@cons.org> In-Reply-To: <20000223115722.A23927@gil.physik.rwth-aachen.de>; from kuku@gilberto.physik.RWTH-Aachen.DE on Wed, Feb 23, 2000 at 11:57:22AM %2B0100 References: <200002220935.KAA14202@gil.physik.rwth-aachen.de> <20000223114214.A45619@cons.org> <20000223115722.A23927@gil.physik.rwth-aachen.de>
next in thread | previous in thread | raw e-mail | index | archive | help
In <20000223115722.A23927@gil.physik.rwth-aachen.de>, Christoph Kukulies wrote: > On Wed, Feb 23, 2000 at 11:42:14AM +0100, Martin Cracauer wrote: > > The thing is bootet from floppy and is a pure filtering router, no > > NAT, no applications/server, no proxies (which is suicide on a > > firewall anyway). > > Would be interesting to tell how you managed to produce a bootable floppy > with the subsequent scripting that starts the OS and all that. This setup is still 2.2.8-stable as the same thing done with 3.x will not fit onto the floppy. It was done before PicoBSD, otherwise I would have based by work on that. Basically, a small and kzip'ed kernel and needed stuff are put into a 1.44 MB file that is disklabeled and newfs'd as a BSD FFS. The trick I used is that I have a custom `init` binary, which looks at getpid() and argv[0] and depending on that bahaves like: - init - df - login (against md5'ed passwd stored in binary) - dmesg - a simple more - sleep - route You can hardlink it to these names and it will then get its intended behaviour from argv[0]. To save inodes, you may also choose the behaviour by switches to the name 'init' (which behaves like a real init only when it is pid 1). The advantage is of course that you have just one binary, this saves a lot of space, especially when you don't want shared libraries. Other stuff on the floppy are telnet, ls, /bin/sh, ifconfig, tcpdump and ipfw in maximaum stripped versions and with many #ifdef's turned off. Some of that is compressed, after evaluating advantages and disadvantages. I am not allowed to post the whole setup here, because if contains much of our network achitekture. However, I planned to switch to PicoBSD anyway (mostly to get to FreeBSD-3.x) and hope that I'm allowed to contribute the init(8) as described above. Martin -- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% Martin Cracauer <cracauer@cons.org> http://www.cons.org/cracauer/ Tel.: (private) +4940 5221829 Fax.: (private) +4940 5228536 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000223134113.A5723>